An NPM package with over 56,000 downloads stole WhatsApp credentials, hid its activity, and installed a backdoor. Koi Security researchers warned that the NPM package ‘Lotusbail’, a WhatsApp Web API library and fork of ‘Baileys’, has been stealing users’ credentials and data. The package has been available for six months and has had over 56,000 […]
First seen on securityaffairs.com
Jump to article: securityaffairs.com/186174/malware/npm-package-with-56000-downloads-compromises-whatsapp-accounts.html
